Revision as of 13:47, 15 September 2011

"Polipo is a small and fast caching web proxy (a web cache, an HTTP proxy, a proxy server). While Polipo was designed to be used by one person or a small group of people, there is nothing that prevents it from being used by a larger group."

Unlike Squid, Polipo is very light on resources and simple to configure. This makes it ideal for single user systems and other uncomplicated setups. Do keep in mind; however, that this versatility comes at a cost; Polipo will increase its space usage without restriction as it is not aware of how big its disk cache grows. This perceived fault is by design, since omitting these sanity checks drastically reduces Polipo's memory usage and overall toll on the system. A practical way of restricting disk usage is by making Polipo run as its own user and employing disk quota.

# Uncomment this if you want to put the on-disk cache in a
# non-standard location:
diskCacheRoot = "~/.polipo-cache/"

Create the cache directory:

$ mkdir ~/.polipo-cache

Finally, launch Polipo with the new configuration:

$ polipo -c ~/.poliporc

Configuration

Management is mostly performed in Template:Filename. Most users can opt for using the sample configuration file, which is sufficient for most situations and well documented.

# cd /etc/polipo; cp config.sample config

One element of configuration that warrants mentioning is polipo's default behavior of blocking outbound connections by port. There are two variables in polipo's config file that control allowed outbound ports. Template:Codeline specifies ports for outbound HTTP connections. It defaults to 80-100 and 1024-65535. Template:Codeline specifies ports polipo will allow tunnel traffic to as well as HTTPS traffic. By default it is much more restricted: "It defaults to allowing ssh, HTTP, https, rsync, IMAP, imaps, POP, pops, Jabber, CVS and Git traffic."

If you see a "403 Forbidden Port" error message from polipo when attempting to browse to a host:port, you need to configure polipo to accept traffic to more ports for either HTTP or HTTPS. To set them wide open, add the following to Template:Filename:

allowedPorts = 1-65535
tunnelAllowedPorts = 1-65535

Unlike other proxies, Polipo needs to be restarted after alterations.

Browser

Set the browser so that it uses Template:Codeline for proxying. Be sure to disable the browser's disk cache to avoid redundant IO operations and bad performance.

Tunneling

Note: According to the Polipo FAQ on "intercepting proxy" this is not possible/supported!

Note: this requires to run Polipo as its own user.

Instead of manually configuring each browser or other utilities that might benefit from Polipo's caching, one can also use iptables to route traffic through polipo.